
Misconfigured Elasticsearch leaks 882GB user data, Indian orgs. report highest cyberattacks after US, and more

Major cybersecurity events on 14th September 2020 (Evening Post): US citizen charged with running a diamond and cryptocurrency-based Ponzi scheme. Vulnerabilities expose thousands of MobileIron servers to remote attacks. Zerologon attack lets hackers take over enterprise networks.

Round Up of Major Breaches and Scams

Database mess up leaks 882 GB of ecommerce & dating sites data

A misconfigured Elasticsearch server has exposed more than 370 million records. Dating sites have increasingly become a target of malicious actors, possibly because of how lucrative the data obtained from them is. Against that backdrop, vpnMentor released a report today investigating a new data leak affecting 70+ websites, mainly in the dating niche but also including e-commerce sites.

US citizen charged with running diamond Ponzi scheme, cryptocurrency scam

A 51-year-old US citizen has been charged with running a diamond and cryptocurrency-based Ponzi scheme. Prosecutors claim that Jose Angel Aman, from Washington, DC, operated a fraudulent investment scheme across the United States and Canada, luring investors with promises of quick returns in the diamond trade. The US Department of Justice (DoJ) said on Friday that Aman was the operator of a Ponzi scheme from May 2014 to May 2019. Together with his partners, Aman allegedly solicited individuals to invest in “diamond contracts,” in which their money would be used to buy large, rough, uncut diamonds.

Ca: Multiple Penalties Issued to Individual Convicted of Health Information Breaches

September 10 — A former medical clinic employee pleaded guilty on Wednesday, Sept. 2 to breaching the health information of several individuals in contravention of the Health Information Act (HIA). Olivia Franc was fined $6,000, given three years’ probation including not being able to access health information, and is required to complete 180 hours of community service for the infractions. Ms. Franc accessed the health records of close acquaintances, friends and others in the community.

Round Up of Major Malware and Ransomware Incidents

Organizations in India Report Highest Cyberattacks, followed by U.S.

While organizations are trying hard to cope with new working conditions, such as connecting with remote employees and securing critical data across distributed networks, opportunistic cybercriminals are targeting organizations that lack cyber readiness. The “Acronis Cyber Readiness Report 2020,” from cybersecurity firm Acronis, revealed how organizations are mitigating the effects of the pandemic on their business operations and security posture.

Round Up of Major Vulnerabilities and Patches

New BlindSide attack uses speculative execution to bypass ASLR

Academics have developed a new technique for attacking secure computer systems by abusing speculative execution, a CPU mechanism that’s normally used for performance optimizations. The technique, named BlindSide, was detailed in a paper published last week by a team of academics from the Stevens Institute of Technology in New Jersey, ETH Zurich, and the Vrije University in Amsterdam. Researchers say that BlindSide can be used to craft exploits that bypass ASLR (Address Space Layout Randomization) on modern operating systems.

Travel Sites Riddled with Hundreds of Vulnerabilities

Security researchers have discovered hundreds of vulnerabilities across major hotel, airline and travel booking websites, some of which have already suffered major breaches. UK-based consumer rights group Which? and tech consultancy 6point6 studied 98 travel sector companies, probing websites, subdomains, employee portals and other web properties with lawful online tools. They found Marriott-owned websites were riddled with 497 bugs, including over 100 assessed to be “high” (96) or “critical” (18).

Vulnerabilities Expose Thousands of MobileIron Servers to Remote Attacks

Researchers have disclosed the details of several potentially serious vulnerabilities affecting MobileIron’s mobile device management (MDM) solutions, including a flaw that can be exploited by an unauthenticated attacker for remote code execution on affected servers. The vulnerabilities were identified by researchers at security consulting firm DEVCORE and they were reported to MobileIron in early April. Patches were released on June 15 and the vendor released an advisory on July 1.

Zerologon attack lets hackers take over enterprise networks

Unbeknownst to many, last month, in August, Microsoft patched one of the most severe bugs ever reported to the company, an issue that could be abused to easily take over Windows Servers running as domain controllers in enterprise networks. The bug was patched in the August 2020 Patch Tuesday under the identifier CVE-2020-1472. It was described as an elevation of privilege in Netlogon, the protocol that authenticates users against domain controllers.